From 23718eeb06bbaf37e4fbc0ca0b56d1010a7acfb3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Oct 2023 11:54:56 +0000 Subject: [PATCH] Bump github/codeql-action from 2.20.0 to 2.22.3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.0 to 2.22.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/6c089f53dd51dc3fc7e599c3cb5356453a52ca9e...0116bc2df50751f9724a2e35ef1f24d22f90e4e1) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/score.yaml | 2 +- .github/workflows/test.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/score.yaml b/.github/workflows/score.yaml index 1c700c0..e3616c7 100644 --- a/.github/workflows/score.yaml +++ b/.github/workflows/score.yaml @@ -31,6 +31,6 @@ jobs: path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.20.0 + uses: github/codeql-action/upload-sarif@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3 with: sarif_file: results.sarif diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 0159a03..e37c3bb 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -176,6 +176,6 @@ jobs: severity: ${{ inputs.scan-severity }} exit-code: '1' - name: Upload Report - uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e # v2.11.6 + uses: github/codeql-action/upload-sarif@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.11.6 with: sarif_file: 'trivy-results.sarif' \ No newline at end of file